Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 11:08:02 -06:00
Code Activity

Windows: Use new Windows API to mitigate dll hijacking attacks.

Browse Source
This commit is contained in:
Mounir IDRASSI
2016-07-29 12:08:48 +02:00
parent a7f1ba05b4
commit 2389561406
1 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/Common/Dlgcode.c
View File

@@ -247,8 +247,13 @@ HMODULE hwinscarddll = NULL;
#define BASE_SEARCH_PATH_PERMANENT 0x00008000 #define BASE_SEARCH_PATH_PERMANENT 0x00008000
#endif #endif
#ifndef LOAD_LIBRARY_SEARCH_SYSTEM32
#define LOAD_LIBRARY_SEARCH_SYSTEM32 0x00000800
#endif
typedef BOOL (WINAPI *SetDllDirectoryPtr)(LPCWSTR lpPathName); typedef BOOL (WINAPI *SetDllDirectoryPtr)(LPCWSTR lpPathName);
typedef BOOL (WINAPI *SetSearchPathModePtr)(DWORD Flags); typedef BOOL (WINAPI *SetSearchPathModePtr)(DWORD Flags);
typedef BOOL (WINAPI *SetDefaultDllDirectoriesPtr)(DWORD DirectoryFlags);
typedef void (WINAPI *InitCommonControlsPtr)(void); typedef void (WINAPI *InitCommonControlsPtr)(void);
@@ -269,6 +274,7 @@ typedef BOOL (WINAPI *ChangeWindowMessageFilterPtr) (UINT, DWORD);
SetDllDirectoryPtr SetDllDirectoryFn = NULL; SetDllDirectoryPtr SetDllDirectoryFn = NULL;
SetSearchPathModePtr SetSearchPathModeFn = NULL; SetSearchPathModePtr SetSearchPathModeFn = NULL;
SetDefaultDllDirectoriesPtr SetDefaultDllDirectoriesFn = NULL;
ImageList_CreatePtr ImageList_CreateFn = NULL; ImageList_CreatePtr ImageList_CreateFn = NULL;
ImageList_AddPtr ImageList_AddFn = NULL; ImageList_AddPtr ImageList_AddFn = NULL;
@@ -2565,11 +2571,14 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine)
/* remove current directory from dll search path */ /* remove current directory from dll search path */
SetDllDirectoryFn = (SetDllDirectoryPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDllDirectoryW"); SetDllDirectoryFn = (SetDllDirectoryPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDllDirectoryW");
SetSearchPathModeFn = (SetSearchPathModePtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetSearchPathMode"); SetSearchPathModeFn = (SetSearchPathModePtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetSearchPathMode");
SetDefaultDllDirectoriesFn = (SetDefaultDllDirectoriesPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDefaultDllDirectories");
if (SetDllDirectoryFn) if (SetDllDirectoryFn)
SetDllDirectoryFn (L""); SetDllDirectoryFn (L"");
if (SetSearchPathModeFn) if (SetSearchPathModeFn)
SetSearchPathModeFn (BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE | BASE_SEARCH_PATH_PERMANENT); SetSearchPathModeFn (BASE_SEARCH_PATH_ENABLE_SAFE_SEARCHMODE | BASE_SEARCH_PATH_PERMANENT);
if (SetDefaultDllDirectoriesFn)
SetDefaultDllDirectoriesFn (LOAD_LIBRARY_SEARCH_SYSTEM32);
InitOSVersionInfo(); InitOSVersionInfo();
@@ -2591,7 +2600,9 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine)
LoadSystemDll (L"secur32.dll", &hsecur32dll, TRUE, SRC_POS); LoadSystemDll (L"secur32.dll", &hsecur32dll, TRUE, SRC_POS);
LoadSystemDll (L"msasn1.dll", &hmsasn1dll, TRUE, SRC_POS); LoadSystemDll (L"msasn1.dll", &hmsasn1dll, TRUE, SRC_POS);
LoadSystemDll (L"Usp10.DLL", &hUsp10Dll, TRUE, SRC_POS); LoadSystemDll (L"Usp10.DLL", &hUsp10Dll, TRUE, SRC_POS);
LoadSystemDll (L"UXTheme.dll", &hUXThemeDll, TRUE, SRC_POS); if (IsOSAtLeast (WIN_7))
LoadSystemDll (L"dwmapi.dll", &hdwmapidll, TRUE, SRC_POS);
LoadSystemDll (L"UXTheme.dll", &hUXThemeDll, TRUE, SRC_POS);
LoadSystemDll (L"msls31.dll", &hMsls31, TRUE, SRC_POS); LoadSystemDll (L"msls31.dll", &hMsls31, TRUE, SRC_POS);
LoadSystemDll (L"SETUPAPI.DLL", &hSetupDll, FALSE, SRC_POS); LoadSystemDll (L"SETUPAPI.DLL", &hSetupDll, FALSE, SRC_POS);
@@ -2634,8 +2645,6 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine)
LoadSystemDll (L"devobj.dll", &hdevobjdll, TRUE, SRC_POS); LoadSystemDll (L"devobj.dll", &hdevobjdll, TRUE, SRC_POS);
LoadSystemDll (L"powrprof.dll", &hpowrprofdll, TRUE, SRC_POS); LoadSystemDll (L"powrprof.dll", &hpowrprofdll, TRUE, SRC_POS);
LoadSystemDll (L"dwmapi.dll", &hdwmapidll, TRUE, SRC_POS);
LoadSystemDll (L"crypt32.dll", &hcrypt32dll, TRUE, SRC_POS); LoadSystemDll (L"crypt32.dll", &hcrypt32dll, TRUE, SRC_POS);
LoadSystemDll (L"bcrypt.dll", &hbcryptdll, TRUE, SRC_POS); LoadSystemDll (L"bcrypt.dll", &hbcryptdll, TRUE, SRC_POS);